How do I go about using cookies to log in on another computer? On computer A I have logged in onto a secure site (using SSO) and I retrieved the contents of document.cookie. Can I go to computer B, visit the same site, and set the cookie with the same values in order to "log in" to that same site on computer B?

To get the client's IP, call request.getRemoteAddr(). Beware that this may be the IP of a proxy, concentrator or other network level device that the client is going through to access the internet. For an example think AOL.

Thanks thrill but I don't know any PASCAL. Also, it's a requirement to use JSP for my project.

Hey Matt, sorry I don't live in the US so I don't know anything about AOL. But over here internet access goes through a proxy as well. Is it always the case that the proxy IP from a client will always be the same? Will there be a case where a client is routed through different proxies when accessing my website during the same session? Or is this something that depends on my ISP?

I suppose the best way of keeping track of this IP is by saving it as a session variable? Even if it's picked up an attacker wouldn't be able to change their IP. Storing the IP in the database would take up unnecessary space and there is also an issue of removing the entries once the session is over.